The Internet is unnervingly quiet today. In response to the Stop Online Piracy Act (SOPA) in the House of Representatives and the Protect IP Act (PIPA) in the Senate, some of the most popular sites on the web have gone dark today – demonstrating the danger (and the potential unchecked power) of these two bills.

The Internet was abuzz ... but the Champagne wasn't getting popped yet. After digging into the details, it was revealed that SOPA being "shelved" just meant that it is being temporarily put to sleep. Judiciary Committee Chairman Lamar Smith stood explained:

"To enact legislation that protects consumers, businesses and jobs from foreign thieves who steal America's intellectual property, we will continue to bring together industry representatives and Members to find ways to combat online piracy.

Due to the Republican and Democratic retreats taking place over the next two weeks, markup of the Stop Online Piracy Act is expected to resume in February."

I only mention this because it's important not to forget that SOPA isn't dead, and it's still very dangerous. If you visit sites like reddit, Wikipedia, Mozilla and Boing Boing today (January 18, 2012), you experience the potential impact of the legislation.

The Internet's outrage against SOPA has brought about real change in our nation's capital: The House is reconsidering the bill, and they'll hopefully dismiss it. With our collective momentum, we need to look at the PROTECT IP Act (PIPA, or Senate Bill 968) – a similar bill with similarly harmful implications that's been sneaking around in SOPA's shadow.

As it is defined today, PIPA has a stated goal of providing the US Government and copyright holders an additional arsenal of tools to aide in taking down 'rogue websites dedicated to infringing or counterfeit goods.' The Senate bill details that an "information location tool shall take technically feasible and reasonable measures, as expeditiously as possible, to remove or disable access to the Internet site associated with the domain name set forth in the order." In addition, it must delete all hyperlinks to the offending "Internet site."

Our opposition to PIPA is nearly identical to our opposition to SOPA. Both require a form of essentially breaking a core aspect of how the Internet functions – whether that breakage happens in DNS (as detailed in my last blog post) or in the required rearchitecture of the way any site that accepts user-generated content has to respond to PIPA-related complaints.

PIPA is scheduled for Senate vote on January 24, 2012. It is important that you voice your opinion with your government representatives and let them know about your opposition to both SOPA and PIPA. We want to help you get started down that path. Find your local representatives' contact information:

Last week, I explained SoftLayer's stance against SOPA and mentioned that SOPA would essentially require service providers like SoftLayer to "break the Internet" in response to reports of "infringing sites." The technical readers in our audience probably acknowledged the point and moved on, but our non-technical readers (and some representatives in Congress) might have gotten a little confused by the references to DNS, domains and IP addresses.

Given how pervasive the Internet is in our daily lives, you shouldn't need to be "a techie" to understand the basics of what makes the Internet work ... And given the significance of the SOPA legislation, you should understand where the bill would "break" the process. Let's take a high level look at how the Internet works, and from there, we can contrast how it would work if SOPA were to pass.

The Internet: How Sites Are Delivered

You access a device connected in some way to the Internet. This device can be a cell phone, a computer or even a refrigerator. You are connected to the Internet through an Internet Service Provider (ISP) which recognizes that you will be accessing various sites and services hosted remotely. Your ISP manages a network connected to the other networks around the globe ("inter" "network" ... "Internet").

You enter a domain name or click a URL (for this example, we'll use http://www.softlayer.com since we're biased to that site).

Your ISP will see that you want to access "www.softlayer.com" and will immediately try to find someone/something that knows what "www.softlayer.com" means ... This search is known as an NS (name server) lookup. In this case, it will find that "www.softlayer.com" is associated with several name servers.

The first of these four name servers to respond with additional information about "softlayer.com" will be used. Domains are typically required to be associated with two or three name servers to ensure if one is unreachable, requests for that domain name can be processed by another.

The name server has Domain Name System (DNS) information that maps "www.softlayer.com" to an Internet Protocol (IP) address. When a domain name is purchased and provisioned, the owner will associate that domain name with an authoritative DNS name server, and a DNS record will be created with that name server linking the domain to a specific IP address. Think of DNS as a phone book that translates a name into a phone number for you.

When the IP address you reach sees that you requested "www.softlayer.com," it will find the files/content associated with that request. Multiple domains can be hosted on the same IP address, just as multiple people can live at the same street address and answer the phone. Each IP address only exists in a single place at a given time. (There are some complex network tricks that can negate that statement, but in the interest of simplicity, we'll ignore them.)

When the requested content is located (and generated by other servers if necessary), it is returned to your browser. Depending on what content you are accessing, the response from the server can be very simple or very complex. In some cases, the request will return a single HTML document. In other cases, the content you access may require additional information from other servers (database servers, storage servers, etc.) before the request can be completely fulfilled. In this case, we get HTML code in return.

Your browser takes that code and translates the formatting and content to be displayed on your screen. Often, formatting and styling of pages will be generated from a Cascading Style Sheet (CSS) referenced in the HTML code. The purpose of the style sheet is to streamline a given page's code and consolidate the formatting to be used and referenced by multiple pages of a given website.

The HTML code will reference sources for media that may be hosted on other servers, so the browser will perform the necessary additional requests to get all of the media the website is trying to show. In this case, the most noticeable image that will get pulled is the SoftLayer logo from this location: http://static2.softlayer.com/images/layout/logo.jpg

When the HTML is rendered and the media is loaded, your browser will probably note that it is "Done," and you will have successfully navigated to SoftLayer's homepage.

If SOPA were to pass, the process would look like this:

The Internet: Post-SOPA

You access a device connected in some way to the Internet.

You enter a domain name or click a URL (for this example, we'll use http://www.softlayer.com since we're biased to that site).

*The Change*

Before your ISP runs an NS lookup, it would have to determine whether the site you're trying to access has been reported as an "infringing site." If http://www.softlayer.com was reported (either legitimately or illegitimately) as an infringing site, your ISP would not process your request, and you'd proceed to an error page. If your ISP can't find any reference to the domain an infringing site, it would start looking for the name server to deliver the IP address.

SOPA would also enforce filtering from all authoritative DNS provider. If an ISP sends a request for an infringing site to the name server for that site, the provider of that name server would be forced to prevent the IP address from being returned.

One additional method of screening domains would happen at the level of the operator of the domain's gTLD. gTLDs (generic top-level domains) are the ".____" at the end of the domain (.com, .net, .biz, etc.). Each gTLD is managed by a large registry organization, and a gTLD's operator would be required to prevent an infringing site's domain from functioning properly.

If the gTLD registry operator, your ISP and the domain's authoritative name server provider agree that the site you're accessing has not been reported as an infringing site, the process would resume the pre-SOPA process.

The proponents of SOPA are basically saying, "It's difficult for us to keep up with and shut down all of the instances of counterfeiting and copyright infringement online, but it would be much easier to target the larger sites/providers 'enabling' users to access that (possible) infringement." Right now, the DMCA process requires a formal copyright complaint to be filed for every instance of infringement, and the providers who are hosting the content on their network are responsible for having that content removed. That's what our abuse team does full-time. It's a relatively complex process, but it's a process that guarantees us the ability to investigate claims for legitimacy and to hear from our customers (who hear from their customers) in response to the claims.

SOPA does not allow for due process to investigate concerns. If a site is reported to be an infringing site, service providers have to do everything in their power to prevent users from getting there.

SoftLayer manages more than 100,000 servers in thirteen data centers around the world. We have more than 23,000 customers, and those customers are responsible for millions of websites (which get billions of pageviews every month). We're one of the largest hosting providers in the world, and we want to talk a little about the Stop Online Piracy Act (H.R. 3261 or "SOPA").

Many in our industry have already commented (and in some cases, "changed their minds") on SOPA and its equally evil twin, the PROTECT IP Act ("PIPA") in the Senate, but we wanted to share our perspective on the legislation. Even with these Dudley-Do-Right, Goody-Two-Shoes titles and their ambitious goals, SoftLayer opposes these bills in their current forms because they expose innocent and law-abiding hosting companies to uncertain liabilities.

Because this legislation has gotten quite a bit of attention in the past few months, you're probably already familiar with it, but if you haven't paid much attention, we can give you a quick summary: As you can read in the name of the bill, SOPA is being proposed to "Stop Online Piracy." SOPA is under consideration by the House Judiciary Committee, and its intent is to provide additional enforcement tools to combat foreign 'rogue' websites that are dedicated to copyright infringement or counterfeiting. That's a great goal, and SoftLayer does not oppose the intent of the Act ... As you saw from Kevin Hazard's blog post a few weeks ago, we have a team of people working all the time to track down and immediately address any violations of our terms of service (including copyright infringement), so we wholeheartedly agree that copyright infringement and counterfeiting are bad.

The way SOPA tries to address the problem is where we disagree with the bill, so let's talk about the most pertinent part of the bill for a service provider like SoftLayer. If SOPA were to pass, when a case of infringement is reported, we would have to "take such measures as [we determine] to be the least burdensome, technically feasible, and reasonable means designed to prevent access by [our] subscribers located within the United States to the foreign infringing site that is subject to the order."

What that means: We would be forced to turn off our customers' access to a small piece of the Internet.

How are we to do that? Well the "least burdensome, technically feasible, and reasonable means designed to prevent access" are not made clear, but most of the discussions about the bill have focused on changing the way the Doman Name System (DNS) resolves to an "infringing site." We'd be more or less ordered to break DNS ... DNS was designed to simply, accurately and quickly match a domain name with the IP address that domain's owner provides, and if SOPA were to pass, we'd have to tell DNS to behave correctly for every site EXCEPT the reported infringing sites. Again, that's not spelled out in the legislation, so it's like being given a job by someone who has no idea how to do the job nor whether the job is even possible to successfully complete.

And that's all assuming that the order to suspend access to an "infringing site" is legitimate. Many of the organizations that oppose SOPA have explained possible scenarios where orders could be filed under the guise of preventing copyright infringement. A competing site/business could claim:

"the operator of the site operates the site with the object of promoting, or has promoted, its use to carry out acts that constitute a violation of section 501 or 1201 of title 17, United States Code, as shown by clear expression or other affirmative steps taken to foster such violation."

In another scenario, a copyright holder could pull the trigger on an order simply at the thought that a user could infringe on a copyright on/via the "infringing site."

When the United States House of Representatives reconvenes after its winter recess, we will be watching intently with hopes that the Internet's response to the bill has effectively derailed it in its current form. As SoftLayer General Council Suzy Fulton mentioned in her post about Texas House Bill 1841, we've been working with an industry group called TechAmerica which submitted a letter to Congress about SOPA and many of the issues that could negatively affect our industry. Additionally, we've gotten involved with SaveHosting.org to speak out against laws that can hurt our customers.

As discussions continue about SOPA, we'll look for opportunities to share more of our insight with you here on our blog. Please let us know your thoughts about the legislation below.

Social unrest can affect our ability to serve our customers. In Egypt, the government recently cut off nearly all access to the Internet, so customers trying to access our servers from Egyptian IP space have been largely unsuccessful. How unsuccessful?

I gathered all the netblocks assigned to Egypt (currently around 5.8 million unique IPv4 IP addresses), and I queried our customer portal access logs and API for records of those IPs. We saw a massive drop on 1/28/2011. This coincides with reports on most major news networks that Egypt’s Internet access had been crippled. Prior to the January 28, the traffic was fairly typical.

Then this happened:

Between January 28 and February 2, about 0.2% of the traffic we normally see from Egypt reached our network. That means 99.8% of traffic was stifled by the network shutdowns.

As the Wall Street Journal reported yesterday, the Egyptian government restored Internet service, and our logs clearly corroborate that report.

Let’s say you worked for years to become a world class athlete. As a kid, you were in the gym while other athletes were at the movies. You were in the weight room on Saturday nights when no one else was there. You shunned pizza and soda in favor of grilled fish and fresh fruit. By the time Letterman hit the evening airwaves, you were well into restorative sleep. You were out the door for your morning runs while other athletes snoozed. As a result of all this, now you perform at an elite level and are very successful at your sport. Suddenly, you find that there are people who have a vested interest in helping you maximize your athletic potential. Your coaches, your managers, and companies who pay you to endorse their products all want to see you do your best. Why? Because doing your best helps them be more successful.

So, they provide you with all the things you need to maximize your potential. You get the best training gear and training regimens. You get the best nutrition. You get the right amount of rest. All these things help you maximize your potential. Thus the relationship is a nice symbiotic cycle – the more success you experience, the more success your coaches, managers, and endorsement companies experience. Win-win. Makes sense, right?

So, imagine the silliness if your coaches, managers, etc., made the decision that because you were so fortunate in your success that you had to “give back” almost half your resources to train the athletes who loafed, stayed out late, partied and gorged on pizza. Because you’re such a hard-working and smart athlete, you don’t need all those resources to participate adequately in your sport, they rationalize. Consequently, you don’t hit your potential, your coaches and managers don’t distinguish themselves, and endorsing companies don’t call you. You then feel that you’ve been punished for your hard work and success.

Sadly, much of our government policy falls under this flawed logic. The IRS just released their latest income tax stats for the year 2007. For that year the top 1% of earners paid 40.4% of all income taxes collected. We all know that right now we’re coming out of a recession and we really folks to invest in businesses and hire people to get the economy moving. So how do the 2007 numbers compare to, say, the 1980’s? During the ‘80’s, we managed to shake off the “stagflation” of the ‘70’s and get the economy rolling again. It was during this time that many technology juggernaut companies were spawned – Microsoft being a good example. So, how much of the income taxes in the ‘80’s were paid by the top 1% of earners? The average for the 10 years from 1980-1989 was 22.2%.

Let’s do some quick math. $1.116 trillion in income taxes was collected in 2007. Of that, $455.3 billion was paid by the top 1% of earners. If they paid 22.2% as in the ‘80’s, they would have paid $247.8 billion in taxes, and right now we’d have $207.5 billion MORE dollars invested in our economy. That would be quite a stimulus package! Our current policy punishes success and chokes off fuel from our economic engines while we’re trying to climb out of a worse recession than we had in the ‘70’s. Not smart.

Some may think that this would simply mean that our government deficit would be $207.5 billion higher. This is not the case at all. These folks that make up that top 1% didn’t get there by being lazy or not putting their money to work. I know some folks in that group, and they WANT to put their money to work! I know one gentleman who had to be told some legal docs for a deal could not be prepared over the weekend because Christmas was on that weekend. These folks are like the world class athlete I mentioned above – by and large they’re disciplined and hard-working. Their money will build new businesses and create more jobs, and the government will collect far more revenue from this new economic activity than it would give up in collections from these top 1% folks. Think about it – how many of us have ever been hired by a “poor” person? Instead of punishing economic success, we should encourage it!

Bottom line, if government policy were to make sense, it would encourage these folks to maximize their economic potential and find the correct balance of revenue to collect and yet still promote economic growth. What would we prefer? That the government collects 50% of $1 trillion or 30% of $2 trillion? Hint: 30% of $2 trillion is a WAY better deal.

At SoftLayer, we think very differently about things. We simply do not punish our customers for succeeding. We empower them to be more successful – why? Because if our customers succeed, we succeed. We get this.

Can we prove this? Perhaps a look at how customers vote with their feet is an indicator. For the past few months, SoftLayer has seen the lowest percentage of customers terminating business with us in our history. If we punished our customers for their success, they would go elsewhere.